Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/aruhier/ansible-role-unbound
Ansible role to setup unbound
https://github.com/aruhier/ansible-role-unbound
ansible archlinux debian dns redhat unbound
Last synced: 3 months ago
JSON representation
Ansible role to setup unbound
- Host: GitHub
- URL: https://github.com/aruhier/ansible-role-unbound
- Owner: aruhier
- License: bsd-2-clause
- Created: 2017-02-13T22:01:29.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2024-10-22T13:03:59.000Z (3 months ago)
- Last Synced: 2024-10-31T14:45:28.493Z (3 months ago)
- Topics: ansible, archlinux, debian, dns, redhat, unbound
- Language: Jinja
- Size: 85 KB
- Stars: 13
- Watchers: 2
- Forks: 21
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
Ansible Role: Unbound
=====================
[](https://travis-ci.org/aruhier/ansible-role-unbound)
Ansible role to install and configure Unbound.
Role default variables
----------------------
As there is a lot of options in unbound, only the default values will be listed
here.
Some variables are override depending on the distribution.
```yaml
unbound_conf_path: "/etc/unbound/unbound.conf"
unbound_enable_service: true
unbound_service_name: "unbound"
unbound_packages:
- "unbound"
### Server ###
unbound_verbosity: 1
unbound_username: "unbound"
unbound_directory: "/etc/unbound"
unbound_port: 53
unbound_num_threads: 1
unbound_interfaces:
- 127.0.0.1
- ::1
unbound_outgoing_interfaces: []
unbound_do_ip4: "yes"
unbound_do_ip6: "yes"
unbound_do_udp: "yes"
unbound_do_tcp: "yes"
# list of strings, as the order impact how policies are interpreted
unbound_outgoing_policies: []
unbound_access_control: []
unbound_access_control_tag: []
unbound_access_control_tag_action: []
unbound_access_control_tag_data: []
unbound_access_control_view: []
unbound_private_addresses: []
unbound_private_domains: []
unbound_domains_insecure: []
unbound_do_not_query_addresses: []
unbound_local_zones: []
unbound_local_datas: []
unbound_local_data_ptrs: []
unbound_local_zone_tags: []
unbound_local_zone_overrides: []
unbound_trust_anchors: []
unbound_trusted_keys_files: []
### Remote Control ###
unbound_control_enable: "no"
unbound_control_interface: []
### Stub, forward zones and others ###
unbound_rpz_zones: [] # list of dicts
unbound_stub_zones: [] # list of dicts
unbound_forward_zones: [] # list of dicts
# For stub and forward zones, if a key inside one of the dict is an iterable,
# it will iterate inside it to duplicate the option with all the contained
# values.
# Can be useful in case of multiple forward-addr for a same zone:
# Example:
# unbound_forward_zones:
# - {name: "test.tld", "forward-addr": ["192.0.2.5", "192.0.2.6"]}
unbound_views: [] # list of strings, as options can be multiples
```
Look at the Unbound documentation to get a complete list of options.
When wanting to use an option non listed in the default variables, add the
prefix `unbound_` and replace all dash by an underscore.
If the option can be specified multiple times in `unbound.conf`, it normally
has been transformed in a list for the template. Therefore it should be part of
the default variables.
Check in the `unbound.conf.j2` template if the option is listed, otherwise do
not hesitate to open an issue and I will include it (it is possible that
options brought by a new unbound release would be missing here).
When setting `unbound_logfile`, `use-syslog` will be set as "no" at the same time because it will otherwise overwrite the custom logfile config. ref: [unbound doc](https://linux.die.net/man/5/unbound.conf).
Dependencies
------------
None
Authors
-------
* Anthony Ruhier (aruhier)
* Jonathan Wright (neonardo1)
License
-------
Tool under the BSD license. Do not hesitate to report bugs, ask me some
questions or do some pull request if you want to!